Notice ID: 36C10B24Q0128
Description
36C10B24Q0128 Augmented Reality/Virtual Museum REQUEST FOR INFORMATION Augmented Reality/Virtual Museum Introduction: The purpose of this Request for Information (RFI) is for conducting market research. Accordingly, this RFI constitutes neither a Request for Quote (RFQ), Request for Proposal (RFP), nor a guarantee that one will be issued by the Government in the future; furthermore, it does not commit the Government to contract for any services described herein. The Department of Veterans Affairs (VA) is not, at this time, seeking proposals or quotes, and therefore, will not accept, review, or evaluate unsolicited proposals or quotes received in response hereto.
This notice is not to be construed as a commitment on the part of the Government to award a contract, nor does the Government intend to pay for any information submitted because of this request. The Government does not reimburse respondents for any costs associated with submission of the information being requested or reimburse expenses incurred for responses to this RFI. The information provided may be used by VA in developing its acquisition strategy and Performance Work Statement (PWS) or Product Description (PD). Any information submitted by respondents to this RFI is strictly voluntary; however, any information received shall become the property of the Government and will not be returned to the respondent. Interested parties are responsible for adequately marking proprietary, restricted, or competition sensitive information contained in their response. This is a request for information and does not obligate the Government in any way, nor does it commit the Government to any specific course of action. Product information, brochures, part numbers, and/or other description information may be included with the submission. Requirement:
The VA History Office (VAHO) is seeking an Augmented Reality/Virtual Museum SaaS enterprise solution such as Timelooper Trails or equivalent to develop an Augmented Reality tour application for use at the Dayton VA Medical Center. This will provide visitors with an immersive experience to learn the facilities long history starting with its development as a National Home for Disabled Volunteer Soldiers. The development of this solution will also provide infrastructure for the development of a Virtual Museum that will provide an environment for VAHO to share its collections with online visitors through virtual exhibits, game play and educational opportunities. The below draft Product Description excerpt describes the technical specifications for this effort. The information system solution selected by the Contractor shall comply with the Federal Information Security Management Act (FISMA). The Contractor shall comply with FedRAMP requirements for Low Impact level as mandated by Federal laws and policies, including making available any documentation, physical access, and logical access needed to support this requirement. The Contractor shall provide a SaaS product as defined by the following criteria: Software as a Service (SaaS) is an application delivery model in which the application is hosted on a cloud infrastructure outside the security boundary of VA and is provided to the Cloud Service Customer (CSC) over the internet. The CSC uses the SaaS offering via a thin-client interface, such as a web-browser or a program interface.
The CSC subscribes to the SaaS offering and is only responsible for limited application configuration settings. The Cloud Service Provider (CSP) offering the application is responsible for management of the application, safeguarding of data stored or processed by the application, and all elements of the underlying infrastructure. In order to qualify as SaaS for use at VA, and to align with Federal Risk and Authorization Management Program (FedRAMP) requirements, the hosting for the offering must conform to the NIST 800-145 definition of Cloud Computing and thus contain following key characteristics: On-Demand Self-Service: The CSP fully automates the provisioning of both the customer interface and the underlying cloud components of the SaaS offering. In some cases, to the CSP may provision internal resources manually, while providing the CSC an automated interface to request and track the service. Broad Network Access: The SaaS capabilities are available over the internet or over a network that is available from all access points the CSC requires. The SaaS offering is accessible through common platforms (e.g., mobile phones, tablets, laptops, and workstations).
Resource Pooling: The computing infrastructure supporting the SaaS offering is shared among more than one CSC using a multi-tenant model, and resources are dynamically assigned depending on customer demand. Rapid Elasticity: Computing capabilities are automatically provisioned and released in a manner that scales with customer demand. In some cases, the scaling of resources may not be fully automated, but it should be fast enough to support the needs of the CSC, which the CSC would have to define. Measured Service: Resource usage, such as storage, processing, bandwidth, and user activity are measured and reported on in a manner that is relevant to the SaaS offering. The SaaS offering must be hosted within the United States and data stored/processed/transmitted within the offering must remain within the United States. CSPs should be aware of FedRAMP and ready to partner with VA through the SaaS FedRAMP Authorization process. Following guidance from the Federal CIO, VA will utilize existing JAB ATO or agency ATO issued by another agency as a starting point for FedRAMP requirements. If neither of those exist, VA will sponsor FedRAMP ATO.
VA will be using the FedRAMP baselines as a starting point, since they are specifically tailored for cloud services. The Contractor shall, where applicable, assist with the VA ATO Process to help achieve agency authorization of the cloud service or migrated application at a Low Impact level. The Contractor shall complete a FedRAMP System Security Plan (SSP) and supporting documentation within 45 calendar days after contract award. (If Data Security Categorization is High Impact, this will be due 85 calendar days after contract award.) The Contractor shall complete a Third-Party Assessment Organization (3PAO) Security Assessment Plan (SAP) within 90 calendar days after contract award. (If Data Security Categorization is High Impact, this will be due after 130 calendar days after contract award.) The Contractor shall complete a 3PAO Security Assessment Report (SAR) within 140 calendar days after contract award. (If Data Security Categorization is High Impact, this will be due 180 calendar days after contract award.) The Contractor shall afford VA access to the Contractor s and Cloud Service Provider s (CSP) facilities, installations, technical capabilities, operations, documentation, records, and databases. If new or unanticipated threats or hazards are discovered by either VA or the Contractor, or if existing safeguards have ceased to function, the discoverer shall immediately bring the situation to the attention of the other party in accordance with the security addendum B.
The Contractor shall not release any data without the consent of VA in writing. All requests for release must be submitted in writing to the Contracting Officer s Representative (COR)/Contracting Officer (CO). For live VA data to be used in this system, a FedRAMP Authorization and Agency ATO will be required. Deliverables: FedRAMP System Security Plan (SSP) and supporting documentation VA Implementation Diagram: This is a VA specific architecture diagram demonstrating the proposed implementation of this system at VA (VAID) 3PAO Security Assessment Plan (SAP) 3PAO Security Assessment Report (SAR) Augmented Reality/Virtual Museum SaaS enterprise solution Additional tasks and optional tasks as defined in Table 1 The solution must be able integrate a variety of content, including historic images, records, audio visual material, digital assets, and 3D renderings. This content will be integrated into the solution and will be shared through video, audio, holograms, interactive characters, maps and experiences. The proposed acquisition is to provide a VA-wide enterprise SaaS solution for Augmented Reality and Virtual Museum. The period of performance shall be a 12-month base period, with four (4) 12-month option periods with optional tasks.